Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0664

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0664
Last Modified 10 Sep 2008 03:12:40
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0664

Summary

The default Access Control Lists (ACLs) of the administration database for ZMerge 4.x and 5.x provides arbitrary users (including anonymous users) with Manager level access, which allows the users to read or modify import/export scripts.

Vulnerable Systems

Application

  • Granite Software Zmerge 4.0

  • Granite Software Zmerge 5.0


References

BID - 5101

XF - zmerge-admindb-script-access(10057)

BUGTRAQ - 20020906 Rapid 7 Advisory R7-0005: ZMerge Insecure Default ACLs


Last Updated: 27 May 2016 10:37:01